package com.example.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.example.filter.VerificationCodeFilter;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author code威
 * @version 1.0
 * @description: 配置对象类
 * @date 2021/12/5 20:53
 */
@Configuration
public class ShiroConfig {
    private static final transient Logger log = LoggerFactory.getLogger(ShiroConfig.class);

    @Value("${shiro.user.captchaEnabled}")
    private boolean captchaEnabled;

    @Value("${shiro.user.captchaType}")
    private String captchaType;

    // ShiroFilterFactoryBean
    @Bean(name = "ShiroFilterFactoryBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("sercurityManager") DefaultWebSecurityManager manager){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        //设置安全管理器
        bean.setSecurityManager(manager);
        log.info("=====    init ShiroFilterFactoryBean start   =====");
        /*
        * anon:无需认证就访问
        * authc:必须认证才能访问
        * user：必须拥有记住我  功能才能方位
        * perms:拥有对某个资源的权限才能访问
        * role：拥有某个角色权限才能访问
        *
        * */

        Map<String,String> filterChainDefinitionMap = new LinkedHashMap();
        // 授权，正常情况下
        filterChainDefinitionMap.put("/user/add","perms[add]");
        filterChainDefinitionMap.put("/user/update","perms[update]");
        filterChainDefinitionMap.put("/user/*","authc");
        filterChainDefinitionMap.put("/tologin","verificat");
        filterChainDefinitionMap.put("/login","verificat");




        bean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        bean.setLoginUrl("/tologin");
        bean.setUnauthorizedUrl("/Unauthorized");

        // Shiro连接约束配置，即过滤链的定义
        LinkedHashMap<String, Filter> filterMap = new LinkedHashMap<>();

        filterMap.put("verificat",getVerificationCodeFilter());

        bean.setFilters(filterMap);
        return bean;
    }

    //DefaultWebSecurityManager
    @Bean(name = "sercurityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        //关联userRealm
        log.info("=====    init manager start   =====");
        manager.setRealm(userRealm);
        return manager;
    }



    //创建 realm对象，需要自定义类
    @Bean
    public UserRealm userRealm(){
        log.info("=====    init UserRealm start   =====");
        return new UserRealm();
    }

    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();
    }

    public VerificationCodeFilter getVerificationCodeFilter(){
        VerificationCodeFilter verificationCodeFilter = new VerificationCodeFilter();
        verificationCodeFilter.setCaptchaEnabled(captchaEnabled);
        verificationCodeFilter.setCaptchaType(captchaType);
        return verificationCodeFilter;
    }

}
